Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sql: add VIEWSYSTEMTABLE system privilege #109474

Merged
merged 1 commit into from Aug 25, 2023
Merged

sql: add VIEWSYSTEMTABLE system privilege #109474

merged 1 commit into from Aug 25, 2023

Conversation

rafiss
Copy link
Collaborator

@rafiss rafiss commented Aug 24, 2023

This privilege is useful for support situations, where an engineer needs to be able to view system tables without having full admin access.

informs #95756
Release note (sql change): Added the VIEWSYSTEMTABLE system privilege. Users with this privilege have SELECT privileges for all tables in the system database.

@rafiss rafiss added the backport-23.1.x Flags PRs that need to be backported to 23.1 label Aug 24, 2023
@rafiss rafiss requested a review from a team as a code owner August 24, 2023 22:10
@cockroach-teamcity
Copy link
Member

This change is Reviewable

annrpom
annrpom reviewed Aug 24, 2023
View reviewed changes
Copy link
Contributor

@annrpom annrpom left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 4 of 4 files at r1, all commit messages.
Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (waiting on @andyyang890 and @rafiss)

pkg/sql/authorization.go line 274 at r1 (raw file):

	// Special case for system tables. The VIEWSYSTEMTABLE system privilege is
	// equivalent to having SELECT on all system tables. This is because it is not
	// possible to dybamically grant SELECT privileges system tables, but in the

nit: dynamically

andyyang890
andyyang890 approved these changes Aug 25, 2023
View reviewed changes
Copy link
Collaborator

@andyyang890 andyyang890 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:lgtm:

Reviewed 2 of 4 files at r1, all commit messages.
Reviewable status: :shipit: complete! 1 of 0 LGTMs obtained (waiting on @rafiss)

@rafiss
sql: add VIEWSYSTEMTABLE system privilege
a029f65 
This privilege is useful for support situations, where an engineer needs
to be able to view system tables without having full admin access.

Release note (sql change): Added the VIEWSYSTEMTABLE system privilege.
Users with this privilege have SELECT privileges for all tables in the
system database.
rafiss
rafiss commented Aug 25, 2023
View reviewed changes
Copy link
Collaborator Author

@rafiss rafiss left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tftr!

bors r+

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (and 1 stale) (waiting on @andyyang890 and @annrpom)

pkg/sql/authorization.go line 274 at r1 (raw file):

Previously, annrpom (annie pompa) wrote…

nit: dynamically

done!

@craig
Copy link
Contributor

craig bot commented Aug 25, 2023

Build succeeded:

@craig craig bot merged commit 7bab771 into cockroachdb:master Aug 25, 2023
6 of 8 checks passed
@blathers-crl blathers-crl bot mentioned this pull request Aug 25, 2023
Merged
@cockroach-teamcity cockroach-teamcity mentioned this pull request Aug 26, 2023
Open
@rafiss rafiss deleted the view-system-table-priv branch August 28, 2023 18:49
@rafiss rafiss mentioned this pull request Aug 31, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@annrpom annrpom annrpom left review comments

@andyyang890 andyyang890 andyyang890 approved these changes

Assignees
No one assigned
Labels
backport-23.1.x Flags PRs that need to be backported to 23.1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@rafiss @cockroach-teamcity @andyyang890 @annrpom